CVE-2008-2210

Name of the Vulnerable Software and Affected Versions: Maian Support version 1.3

Description: The issue allows remote attackers to inject arbitrary web script or HTML via vulnerable parameters. Specifically, the msg script, msg script2, and msg script3 parameters to "admin/inc/footer.php" and the msg script2 parameter to "admin/inc/header.php" are affected.

Recommendations: For Maian Support version 1.3, consider restricting access to the admin/inc/footer.php and admin/inc/header.php files until a fix is available. As a temporary workaround, avoid using the msg script, msg script2, and msg script3 parameters in the affected API endpoints.